CWE-281

Improper Preservation of Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

329 vulnerabilities with CWE-281
CVE-2024-50924 MEDIUM
Silicon Labs Z-Wave Series 700/800 <7.21.1 - DoS
CVSS 6.5
CVE-2024-50921 MEDIUM
Silicon Labs Z-Wave SDK < 7.21.1 - Denial of Service via Crafted Packet Flood
CVSS 6.5
CVE-2024-50920 HIGH
Silicon Labs Z-Wave <7.21.1 - Privilege Escalation
CVSS 8.8
CVE-2024-41650 CRITICAL
Open Robotics Robotic Operating System 2 <v.humble - Code Injection
CVSS 9.8
CVE-2024-41649 CRITICAL
ROS2 Navigation2 Humble - executor_thread_ Arbitrary Code Execution
CVSS 9.8
CVE-2024-41648 CRITICAL
ROS2 Navigation2 Humble - Regulated Pure Pursuit Arbitrary Code Execution
CVSS 9.8
CVE-2024-41646 CRITICAL
Open Robotics Robotic Operating System 2 <v.humble - Code Injection
CVSS 9.8
CVE-2024-41645 CRITICAL
Open Robotics ROS2 navigation2 v.humble - Insecure Permissions
CVSS 9.8
CVE-2024-41644 CRITICAL
ROS2 Navigation2 Humble - dyn_param_handler_ Arbitrary Code Execution
CVSS 9.8
CVE-2024-37575 HIGH
Mister org.mistergroup.shouldianswer 1.4.264 - Unauthenticated Phone Call Placement via DefaultDialerActivity Intent
CVSS 7.5
CVE-2024-43784 MEDIUM
lakeFS <1.33.0 - Privilege Escalation
CVSS 5.7
CVE-2024-52522 MEDIUM
rclone 1.59.0-1.68.1 - Privilege Escalation via Symlink Permission Manipulation
CVE-2024-36062 MEDIUM
com.callassistant.android <1.174 - RCE
CVSS 4.0
CVE-2024-10458 HIGH
Firefox < 132 & Thunderbird < 132 - SSRF
CVSS 7.5
CVE-2024-44193 HIGH
iTunes <12.13.3 - Privilege Escalation
CVSS 7.8
CVE-2024-9333 MEDIUM
M-Files Connector for Copilot <24.9.3 - Auth Bypass
CVE-2024-44188 MEDIUM
macOS Sequoia <15 - Info Disclosure
CVSS 5.5
CVE-2024-44149 HIGH
macOS Sequoia <15 - Info Disclosure
CVSS 7.5
CVE-2024-40859 MEDIUM
macOS Sequoia <15 - Info Disclosure
CVSS 5.5
CVE-2024-40831 MEDIUM
macOS Sequoia <15 - Info Disclosure
CVSS 5.5
CVE-2024-40770 HIGH
macOS Sequoia <15 - Privilege Escalation
CVSS 7.5
CVE-2024-27858 MEDIUM
macOS Sequoia <15 - Info Disclosure
CVSS 5.5
CVE-2024-27795 HIGH
macOS Sequoia <15 - Info Disclosure
CVSS 7.5
CVE-2024-22121 MEDIUM
Zabbix Agent - Privilege Escalation
CVSS 6.1
CVE-2024-22114 MEDIUM
System Information Widget - Info Disclosure
CVSS 4.3
Details
Vulnerabilities 329
Links
MITRE CWE Entry Search this CWE With Exploits